SECURITY RESPONSIBILITIES IN INTERAGENCY COMPUTER TERMINAL LINKS

Approved For Release 2008/05/21 :CIA-RDP89B01354R000100090008-4 coHF~EHt~a~ COMPUTER SECURITY SUBCOMMITTEE OF THE UNITED STATES INTELLIGENCE BOARD SECURITY COMMITTEE IBSEC-CSS-R-7 19 February 1971 MEMORANDUM FOR: Chairman, United States Intelligence Board, Security Committee SUBJECT Security Responsibilities in Interagency Computer Terminal Links 1. In recent months, an increasing number of remote terminal installations have been identified where the terminal device is located in one agency of the Community and is linked to the computer system of another agency. Such installations present possible jurisdictional conflicts with regard to the responsibilities involved in the security of their operations. The possible conflict arises from their operation in an on-line mode when the security responsibilities of the two agencies are not specifically defined. 2. The Computer Security Subcommittee has reviewed this problem and feels that it may be addressed in generic fashion by the establishment of basic U5IB policy for the security responsibilities involved. 3. The Subcommittee has prepared the attached report as a proposed statement of USIB policy for such interagency computer terminal links. CONFiDEN11Al Approved For Release 2008/05/21 :CIA-RDP89B01354R000100090008-4  Approved For Release 2008/05/21 :CIA-RDP89B01354R000100090008-4 CONFIDENTIM. 4. Security Committee approval of this proposed policy is requested; further it is recommended that it then be forwarded to the Board for the latter's noting. airman Computer Security Subcommittee CONFIDENTIAL -- Approved For Release 2008/05/21 :CIA-RDP89B01354R000100090008-4  Approved For Release 2008/05/21 :CIA-RDP89B01354R000100090008-4 CONFIDE~H AT! ! SECURITY RESPONSIBILITIES IN INTERAGENCY COMPUTER TERMINAL LINKS I. PURPOSE: To establish USIB policy defining security responsibilities in interagency computer terminal links. II. DEFINITION: Interagency Computer Terminal Links: Computer opera- tions whereby one USIB agency installs and operates a computer terminal which is connected to the computer central processing unit and thereby operates as a part of a computer system con- trolled by a different USIB agency. III. POLICY: I:cl the operation of interagency computer terminal links, the following security responsibilities are recognized: A. Security requirements, including procedural controls, for the operation of remote terminals will be defined by the agency operating the central pro- cessing unit to which the terminal is connected; B. The agency installing and operating the remote terminal will insure that all security requirements, including procedural controls specified by the agency operating the system, will be followed in its use of the remote terminal device. ~pN~N~IAI 3~IEf Approved For Release 2008/05/21 :CIA-RDP89B01354R000100090008-4